-
Notifications
You must be signed in to change notification settings - Fork 129
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(node-api): hardened CustomValidator
validation
#2093
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #2093 +/- ##
==========================================
+ Coverage 23.41% 23.44% +0.02%
==========================================
Files 356 356
Lines 16008 15994 -14
Branches 12 12
==========================================
Hits 3749 3749
+ Misses 12094 12080 -14
Partials 165 165
|
WalkthroughThe changes involve a refactor of the Changes
Suggested reviewers
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 1
📜 Review details
Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
📒 Files selected for processing (1)
- mod/node-api/engines/echo/vaildator.go (3 hunks)
🧰 Additional context used
🔇 Additional comments (3)
mod/node-api/engines/echo/vaildator.go (3)
30-31
: Approved: Added necessary imports for type-based validationThe added imports for
common
andcrypto
packages are necessary for the new type-based validation logic.
134-136
: Approved: EnhancedValidateValidatorID
with type-based validationThe function now utilizes
crypto.BLSPubkey
for validation, improving type safety and eliminating reliance on regular expressions.
148-149
: Approved: UpdatedValidateRoot
to use structured parsingUsing
common.NewRootFromHex
enhances validation accuracy by relying on structured parsing instead of regular expressions.
"net/http" | ||
"regexp" | ||
"strconv" | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🧹 Nitpick (assertive)
Consider updating the TODO comment to reflect recent changes
The recent updates to ValidateValidatorID
and ValidateRoot
begin to address the concerns mentioned in the TODO comment regarding strong typing and avoidance of repeated .Field().String()
calls. Please update or remove the TODO comment if it's no longer applicable.
Would you like assistance in updating the TODO comment to reflect the remaining tasks?
For each validation function, we better use strict type enforcement that corresponds with the usage of the request data.
Summary by CodeRabbit
New Features
Refactor